Technical Description

Two vulnerabilities were identified in Microsoft Windows, which could be exploited by attackers to cause a denial of service, disclose sensitive information or conduct spoofing attacks.

The first issue is due to an error in the method used by domain controllers to process specially crafted Kerberos messages (port 88), which could be exploited by authenticated attackers to cause the service that is responsible for authenticating users in an Active Directory domain to stop responding.

The second flaw is due to an error in the implementation of the PKINIT protocol when validating received data, which could be exploited by local attackers to access sensitive information, spoof a domain controller, and view encrypted network communication.

Affected Products

Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 for Itanium-based Systems
Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Windows Server 2003 x64 Edition

Solution

Apply patches :
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx

References

http://www.vupen.com/english/advisories/2005/1356
http://www.microsoft.com/technet/security/Bulletin/MS05-042.mspx

Credits

Vulnerabilities reported by Tony Chin and Andre Scedrov

ChangeLog

2005-08-09 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.